I need to replace a specific string inside a file with the value of an environment variable, but I only get and empty value.
Here my code:
- template:
src: myfile.yml
dest: /etc/myfile.yml
mode: '0755'
- name: Update template env
become: true
shell: sed -i "s/HELK_ID/{{ lookup('env', 'HELK_ID') }}/" /etc/myfile.yml
Inside /etc/environment:
HELK_ID=aaaa
How can I replace the string with the environment value?
I only get and empty value.
Since Lookup plugins
Like all templating ... execute and are evaluated on the Ansible Control Machine ...
the env lookup – Read the value of environment variables
Allows you to query the environment variables available on the Controller when you invoked Ansible.
To gather the environment on the Remote Node it is recommended to gather_facts about the env. The answer under Is it possible to gather only specific facts in Ansible? show also how to debug.
After that tasks like
- name: Update template env
become: true
shell: "sed -i 's/HELK_ID/{{ ansible_facts.env.HELK_ID }}/' /etc/myfile.yml"
are possible, whereby the in the other answer here given example for replace
- replace:
path: /tmp/myfile.yml
regexp: 'HELK_ID'
replace: "{{ ansible_facts.env.HELK_ID }}"
should be preferred since it is using the corresponding Ansible module.
Since you are using template to write out the file to the Remote Node, it might be possible to adjust your template file myfile.yml.j2 with the environment varaible inside you'll end up with one single task.
myfile.yml.j2
HELK_ID = {{ ansible_facts.env.HELK_ID }}
playbook.yml
---
- hosts: filebeat_nodes
become: false
gather_facts: true
gather_subset:
- "env"
- "!all"
- "!min"
tasks:
- template:
src: myfile.yml.j2
dest: /etc/myfile.yml
mode: '0755'
You can't expect the module shell will provide you by default with the environment variables from /etc/environment. The file /etc/environment is used by PAM. If you need it, it's easier to read and parse the file on your own. For example, given the file
shell> cat /etc/environment
PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/snap/bin"
HELK_ID=aaaa
read the file
- command: cat /etc/environment
register: env_out
and use the filter community.general.jc
env: "{{ env_out.stdout|community.general.jc('ini') }}"
gives
env:
HELK_ID: aaaa
PATH: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/snap/bin
Given the file
shell> cat /tmp/myfile.yml
var1: [foo, HELK_ID, bar]
Use the module replace to substitute the environment variable
- replace:
path: /tmp/myfile.yml
regexp: 'HELK_ID'
replace: "{{ env.HELK_ID }}"
gives, running with '--check --diff' options
TASK [replace] *******************************************************************************
--- before: /tmp/myfile.yml
+++ after: /tmp/myfile.yml
@@ -1 +1 @@
-var1: [foo, HELK_ID, bar]
+var1: [foo, aaaa, bar]
Example of a complete playbook for testing
- hosts: all
vars:
env: "{{ env_out.stdout|community.general.jc('ini') }}"
tasks:
- command: cat /etc/environment
register: env_out
check_mode: false # runs the command also with --check
- debug:
var: env
- replace:
path: /tmp/myfile.yml
regexp: 'HELK_ID'
replace: "{{ env.HELK_ID }}"
gives
shell> ansible-playbook pb.yml -l localhost --check --diff
PLAY [all] ***********************************************************************************
TASK [command] *******************************************************************************
changed: [localhost]
TASK [debug] *********************************************************************************
ok: [localhost] =>
env:
HELK_ID: aaaa
PATH: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/snap/bin
TASK [replace] *******************************************************************************
--- before: /tmp/myfile.yml
+++ after: /tmp/myfile.yml
@@ -1 +1 @@
-var1: [foo, HELK_ID, bar]
+var1: [foo, aaaa, bar]
changed: [localhost]
PLAY RECAP ***********************************************************************************
localhost: ok=3 changed=2 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
